From 03b79105bc5671a2ae42fa9864b213ff5a9046af Mon Sep 17 00:00:00 2001 From: Eric Meehan Date: Thu, 19 Dec 2024 17:04:06 -0500 Subject: [PATCH] Updated hostname for mailserver --- tasks/{postfix.yaml => mail.yaml} | 58 +++++++++++++++---------------- tasks/main.yaml | 2 +- templates/ldap.toml.j2 | 5 +++ 3 files changed, 35 insertions(+), 30 deletions(-) rename tasks/{postfix.yaml => mail.yaml} (80%) diff --git a/tasks/postfix.yaml b/tasks/mail.yaml similarity index 80% rename from tasks/postfix.yaml rename to tasks/mail.yaml index a7cfd30..31bf653 100644 --- a/tasks/postfix.yaml +++ b/tasks/mail.yaml @@ -1,25 +1,25 @@ --- -# tasks file for postfix -- name: Create Postfix namespace +# tasks file for mail +- name: Create DMS namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: - name: postfix + name: mail -- name: Request a certificate for postfix +- name: Request a certificate for DMS k8s: state: present definition: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: postfix - namespace: postfix + name: mail + namespace: mail spec: - secretName: postfix + secretName: mail privateKey: algorithm: RSA encoding: PKCS1 @@ -33,10 +33,10 @@ subject: organizations: - EOM - commonName: postfix.eom.dev + commonName: mail.eom.dev dnsNames: - - postfix.eom.dev - - dovecot.eom.dev + - mail.eom.dev + - eom.dev issuerRef: name: ca-issuer kind: ClusterIssuer @@ -48,8 +48,8 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: postfix - namespace: postfix + name: mail + namespace: mail spec: accessModes: - ReadWriteOnce 
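Review bot: In the Certificate hunk (`@@ -33,10`), the new `dnsNames` entry `eom.dev` makes the mail server's key pair valid for the apex domain as well as `mail.eom.dev`. Anything that can read the `mail` secret could then present itself as `eom.dev` to clients that trust `ca-issuer`. Addresses of the form `user@eom.dev` do not need the apex name in the certificate, because clients and peer MTAs validate the host they connect to, which is presumably `mail.eom.dev`. I would keep the list to `- mail.eom.dev` unless some client really connects to the apex name for SMTP or IMAP, and record that reason in a comment above `dnsNames` if so. The Certificate task starts and ends outside this hunk.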
@@ -63,25 +63,25 @@ apiVersion: v1 kind: Deployment metadata: - name: postfix - namespace: postfix + name: mail + namespace: mail spec: replicas: 1 selector: matchLabels: - app: postfix + app: mail template: metadata: labels: - app: postfix + app: mail spec: containers: - - name: postfix + - name: mail image: mailserver/docker-mailserver volumeMounts: - name: ssl mountPath: /etc/letsencrypt - - name: postfix + - name: mail mountPath: /var/mail ports: - containerPort: 25 @@ -90,9 +90,9 @@ - containerPort: 993 env: - name: OVERRIDE_HOSTNAME - value: "postfix.eom.dev" + value: "mail.eom.dev" - name: POSTMASTER_ADDRESS - value: "postfix@postfix.eom.dev" + value: "postmaster@eom.dev" - name: ACCOUNT_PROVISIONER value: "LDAP" - name: LDAP_SERVER_HOST @@ -106,7 +106,7 @@ - name: LDAP_QUERY_FILTER_DOMAIN value: "(mail=*@%s)" - name: LDAP_QUERY_FILTER_USER - value: "(&(mail=%s)(memberOf=cn=Postfix Users,ou=Postfix,ou=Services,dc=eom,dc=dev))" + value: "(&(mail=%s)(memberOf=cn=Mail Users,ou=Mail,ou=Services,dc=eom,dc=dev))" - name: LDAP_QUERY_FILTER_ALIAS value: "(&(objectClass=posixAccount)(mailAlias=%s))" - name: LDAP_QUERY_FILTER_GROUP @@ -120,7 +120,7 @@ - name: DOVECOT_DEFAULT_PASS_SCHEME value: "MD5-CRYPT" - name: DOVECOT_USER_FILTER - value: "(&(objectClass=posixAccount)(uid=%n)(memberOf=cn=Dovecot Users,ou=Dovecot,ou=Services,dc=eom,dc=dev))" + value: "(&(objectClass=posixAccount)(uid=%n)(memberOf=cn=Mail Users,ou=Mail,ou=Services,dc=eom,dc=dev))" - name: DOVECOT_PASS_ATTRS value: "uid=user,userPassword=password" - name: DOVECOT_USER_ATTRS @@ -130,7 +130,7 @@ - name: SASLAUTHD_MECHANISMS value: "ldap" - name: SASLAUTHD_LDAP_FILTER - value: "(mail=%U@postfix.eom.dev)" + value: "(mail=%U@eom.dev)" - name: SSL_TYPE value: "manual" - name: SSL_CERT_PATH 
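Review bot: The Dovecot hunk (`@@ -120,7`) leaves `DOVECOT_DEFAULT_PASS_SCHEME` at `MD5-CRYPT` while repointing `DOVECOT_USER_FILTER` at the shared `Mail Users` group. Together with `DOVECOT_PASS_ATTRS` mapping `userPassword`, this suggests Dovecot reads password hashes from the directory and treats unprefixed ones as MD5-crypt, which gives little protection if the hashes are ever exposed. Consider a stronger default that matches what the directory actually stores, for example `value: "SHA512-CRYPT"`, or LDAP bind authentication (`DOVECOT_AUTH_BIND`) so the mail server never reads `userPassword`. The same `Mail Users` DN is also introduced in `LDAP_QUERY_FILTER_USER` in `@@ -106,7`, so that group has to exist in the directory before rollout or both lookups will match nobody.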
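Review bot: The new `SASLAUTHD_LDAP_FILTER` value `(mail=%U@eom.dev)` in `@@ -130,7` has no group restriction, unlike `LDAP_QUERY_FILTER_USER` and `DOVECOT_USER_FILTER`, which both require `Mail Users` membership. With the domain changed from `postfix.eom.dev` to the organisation-wide `eom.dev`, the filter presumably now matches every directory entry with an `eom.dev` mail attribute. SMTP AUTH may therefore succeed for accounts that were never granted mail access. Aligning it with the other two filters would close that gap: `value: "(&(mail=%U@eom.dev)(memberOf=cn=Mail Users,ou=Mail,ou=Services,dc=eom,dc=dev))"`.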
@@ -140,10 +140,10 @@ volumes: - name: ssl secret: - secretName: postfix - - name: postfix + secretName: mail + - name: mail persistentVolumeClaim: - claimName: postfix + claimName: mail - name: Expose deployment as a service k8s: @@ -151,11 +151,11 @@ apiVersion: v1 kind: Service metadata: - name: postfix - namespace: postfix + name: mail + namespace: mail spec: selector: - app: postfix + app: mail ports: - port: 25 name: smtp-a diff --git a/tasks/main.yaml b/tasks/main.yaml index a43ff35..cf30a2e 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -3,4 +3,4 @@ - name: Deploy include_tasks: "{{ item }}" loop: - - collabora.yaml + - mail.yaml diff --git a/templates/ldap.toml.j2 b/templates/ldap.toml.j2 index 2e3321e..05cb264 100644 --- a/templates/ldap.toml.j2 +++ b/templates/ldap.toml.j2 @@ -62,3 +62,8 @@ org_role = "Viewer" group_dn = "cn=DevOps Owners,ou=DevOps,ou=Organizations,dc=eom,dc=dev" org_id = 2 org_role = "Admin" + +[[servers.group_mappings]] +group_dn = "cn=Finance Owners,ou=Finance,ou=Organizations,dc=eom,dc=dev" +org_id = 3 +org_role = "Admin"
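Review bot: The `loop` in `tasks/main.yaml` replaces `- collabora.yaml` with `- mail.yaml` instead of adding to it, so after this commit the role no longer includes the Collabora tasks. The subject line only mentions the mail server hostname, so this may be a local testing shortcut that was committed by accident. If both services should be deployed, the list needs both entries, `- collabora.yaml` and `- mail.yaml`. If dropping Collabora is intended, say so in the commit message, and note that leaving the task file out of the loop does not remove resources that are already deployed.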
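Review bot: The `[[servers.group_mappings]]` block appended to `templates/ldap.toml.j2` grants `org_role = "Admin"` on `org_id = 3` to `cn=Finance Owners`, an authorization change that the commit subject ("Updated hostname for mailserver") does not mention. Privilege grants are easier to audit and revert when they land in their own commit, so I would split this one out. The numeric `org_id` is also opaque at this point in the file. A comment above the block such as `# org_id 3 = Finance organization` (assuming that is what 3 refers to, which the diff does not show) would let a reader check that the group maps to the intended organization.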